pam_pwhistory: use vendor specific pwhistory.conf as fallback

Use the vendor directory defined by --enable-vendordir=DIR configure
option as fallback for the distribution provided default config file
if there is no configuration in /etc.

* modules/pam_pwhistory/pam_pwhistory.8.xml: Describe pwhistory.conf
* modules/pam_pwhistory/pwhistory_config.c [VENDOR_SCONFIGDIR]
(VENDOR_PWHISTORY_DEFAULT_CONF): New macro.
(parse_config_file) [VENDOR_PWHISTORY_DEFAULT_CONF]: Try to open
VENDOR_PWHISTORY_DEFAULT_CONF if PWHISTORY_DEFAULT_CONF file does not
exist.

1 files changed, 16 insertions, 0 deletions

diff --git a/modules/pam_pwhistory/pwhistory_config.c b/modules/pam_pwhistory/pwhistory_config.c
index b21879c6..692cf80e 100644
--- a/modules/pam_pwhistory/pwhistory_config.c
+++ b/modules/pam_pwhistory/pwhistory_config.c
@@ -39,6 +39,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <syslog.h>
+#include <sys/stat.h>
 
 #include <security/pam_modutil.h>
 
@@ -47,6 +48,10 @@
 
 #define PWHISTORY_DEFAULT_CONF SCONFIGDIR "/pwhistory.conf"
 
+#ifdef VENDOR_SCONFIGDIR
+#define VENDOR_PWHISTORY_DEFAULT_CONF (VENDOR_SCONFIGDIR "/pwhistory.conf")
+#endif
+
 void
 parse_config_file(pam_handle_t *pamh, int argc, const char **argv,
                   struct options_t *options)
@@ -65,6 +70,17 @@ parse_config_file(pam_handle_t *pamh, int argc, const char **argv,
 
     if (fname == NULL) {
         fname = PWHISTORY_DEFAULT_CONF;
+
+#ifdef VENDOR_PWHISTORY_DEFAULT_CONF
+        /*
+         * Check whether PWHISTORY_DEFAULT_CONF file is available.
+         * If it does not exist, fall back to VENDOR_PWHISTORY_DEFAULT_CONF file.
+         */
+        struct stat buffer;
+        if (stat(fname, &buffer) != 0 && errno == ENOENT) {
+            fname = VENDOR_PWHISTORY_DEFAULT_CONF;
+        }
+#endif
     }
 
     val = pam_modutil_search_key (pamh, fname, "debug");